Amendments to the Claims



The listing of claims will replace all prior versions, and listings of claims in the 
application. 

1. (Currently Amended) A document security system for restricting access
to secured documents, said document security system comprising:

at least one process-driven security policy that includes a plurality of states and 
transition rules, each of the states having corresponding associated therewith one or more
access restrictions, and the transition rules specify specifying when circumstances under
which the secured document is to transition from one state to another; and 

an access manager that determines whether access to a secured document is 
permitted by a requestor based on the policy state associated therewith at the time access 
is requested and the corresponding one or more access restrictions thereof for the said 
process-driven security policy. 

2. (Currently Amended) The A document security system as recited in claim
1, wherein the corresponding one or more access restrictions for access to for the secured
document are automatically changed when the state of the said process-driven security
policy for the secured document changes.

3. (Currently Amended) The A document security system as recited in claim
1, wherein events cause the state of the said process-driven security policy for the
secured document to automatically transition between states from one state to another.

4. (Currently Amended) The A document security system as recited in claim
3, wherein the events are internal or external events with respect to the said document
security system.

5. (Currently Amended) The A document security system as recited in claim
4, wherein at least one of the events is an external event from a document management
system.

6. (Currently Amended) The A document security system as recited in claim
1, wherein one or more of the corresponding one or more access restrictions for access to
the secured document remain intact when the state of the said process-driven security
policy for the secured document changes.

7. (Currently Amended) The A document security system as recited in claim
1, wherein events cause the state of the said process-driven security policy to
automatically transition between states from one state to another, wherein the said
process-driven security policy includes at least a first state, a second state, and a third 
state, and wherein a first event causes transition from the first state to the second state, 
and a second event causes transition from the second state to a third state. 

8. (Currently Amended) The A document security system as recited in claim
1, wherein events cause the state of the said process-driven security policy to
automatically transition between states from one state to another, wherein the said
process-driven security policy includes at least a first state and a second state, and 
wherein a first event causes transition from the first state to the second state. 

9. (Currently Amended) The A document security system as recited in claim
1, wherein the transition rules are based on events.

10. (Currently Amended) The A document security system as recited in claim
9, wherein the transition rules are written in XML. 

11. (Currently Amended) The A document security system as recited in claim
1, wherein events cause the state of the said process-driven security policy for the
secured document to transition from a previous state to a current state, and wherein the
secured document is modified when the said process-driven security policy for the
secured document transitions from the previous state to the current state.

12. (Currently Amended) The A document security system as recited in claim
11, wherein the secured document includes at least a security information portion and an
encrypted data portion, the security information portion including at least an encrypted
key, and the key being encrypted must be decrypted in order to decrypt the encrypted
data portion, and wherein when the said process-driven security policy for the secured
document transitions from the previous state to the current state, the secured document is 
modified by decrypting the encrypted key and then re-encrypting the key, whereby the 
key is encrypted differently for the current state than the previous state. 

13. (Currently Amended) The A document security system as recited in claim
11, wherein, when if permitted, access to the secured document is available at a client
machine. 

14. (Currently Amended) A method for transitioning at least one secured 
document through a security-policy state machine having a plurality of states, said 
method comprising:

(a) receiving an event; 

(b) determining whether the event causes a state transition for the at least one 
secured document from a former state to a subsequent state of the security-policy state 
machine; and 

(c) automatically transitioning from the former state to the subsequent state of the 
security-policy state machine when said the determining (b) determines that the event
causes the state transition. 

15. (Currently Amended) The A method as recited in claim 14, wherein the
security-policy state machine implements a process-driven security policy, wherein each 
state of the security-policy state machine has different access restrictions. 

16. (Currently Amended) The A method as recited in claim 14, wherein each
of the states of the security-policy state machine have different access policies. 

17. (Currently Amended) The A method as recited in claim 16, wherein the
security-policy state machine is provided as a part of a document security system, and
wherein the different access policies of the security-policy state machine are enforced by 
the document security system. 

18. (Currently Amended) The A method as recited in claim 14, wherein the
said transitioning (c) comprises modifying the secured document to reflect the 
subsequent state of the security-policy state machine. 

19. (Currently Amended) The A method as recited in claim 14, wherein the
said transitioning (c) comprising comprises:

retrieving an encrypted file key from the secured document; 

decrypting, when if permitted by the former state of the security-policy state 
machine, the encrypted file key to yield a file key; 

subsequently encrypting the file key in accordance with the subsequent state of 
the security-policy state machine; and 

storing the secured document, the secured document including at least an 
encrypted data portion and the subsequently encrypted file key. 

20. (Currently Amended) The A method as recited in claim 14, wherein the
said transitioning (c) comprises: 

retrieving an encrypted file key from the secured document; 

obtaining a private state key associated with the former state of the security- 
policy state machine; 

decrypting the encrypted file key using the private file key; 

obtaining a public state key associated with the subsequent state of the security- 
policy state machine; 

subsequently encrypting the file key in accordance with the public state key; and 

storing the secured document, the secured document including at least an 
encrypted data portion and the subsequently encrypted file key. 

21. (Currently Amended) A method for imposing access restrictions on
electronic documents, said method comprising: 

providing at least one process-driven security policy at a server machine, the 
process-driven security policy having a plurality of states associated therewith, each of 
the states having distinct access restrictions; 

providing a reference to the process-driven security policy at a client machine, 
the reference referring to the process-driven security policy resident on the server 
machine; 

associating the reference to an electronic document; 

transitioning the process-driven security policy from one state to a current state; and

subsequently determining at the server computer whether a requestor is permitted 
to access the electronic document, the access being based on a current state of the 
process-driven security policy, the current state being informed to the server computer by 
sending the reference to the server computer. 

22. (Currently Amended) The A method as recited in claim 21, wherein the
said transitioning is automatically performed based on events.

23. (Currently Amended) The A method as recited in claim 22, wherein the
said transitioning is performed at the server machine.

24. (Currently Amended) The A method as recited in claim 21, wherein the
said associating associates the reference to a group of documents.

25. (Currently Amended) The A method as recited in claim 21, wherein the
said method pertains to a group of electronic documents, and wherein all of the 
electronic documents of the group are always in the same state of the process-driven 
security policy. 

26. (Currently Amended) The A method as recited in claim 21, wherein the
said determining comprises evaluating the process-driven security policy of an electronic 
document at the server computer based on at least the security policy restrictions for the 
current state of the process-driven security policy for the electronic document. 

27. (Currently Amended) A tangible computer readable medium including at
least computer program code, which when executed by a computer, causes the computer
to for transitioning at least one secured document through a security policy state machine
having a plurality of states, said computer readable medium comprising:

computer program code for receiving detect an occurrence of an event;

computer program code for determining determine whether the event causes a
state transition for the at least one secured document from a former state to a subsequent
state of a the security-policy state machine having a plurality of states; and

computer program code for automatically transition transitioning from the former
state to the subsequent state of the security-policy state machine when said computer
program code for upon determining determines that the event causes the state transition.

28. (Currently Amended) A tangible computer readable medium including at
least computer program code, which when executed by a computer, causes the computer
to for imposing access restrictions on electronic documents, said computer readable
medium comprising:

computer program code for providing provide at least one process-driven security
policy at a server machine, the process-driven security policy having a plurality of states
associated therewith, each of the states having distinct access restrictions;

computer program code for providing provide a reference to the process-driven
security policy at a client machine, the reference referring to the process-driven security
policy resident on the server machine;

computer program code for associating associate the reference to an electronic
document;

computer program code for transforming transform the process-driven security
policy from one state to a current state; and

computer program code for determining determine at the server computer
whether a requestor is permitted to access the electronic document, the access being 
based on a current state of the process-driven security policy, the current state being 
informed to the server computer by sending the reference to the server computer. 